From 6d499ee2caf79e66a904a4bb73e336adc00cc13c Mon Sep 17 00:00:00 2001 From: Volodymyr Stoiko Date: Sun, 6 Apr 2025 19:13:25 +0300 Subject: [PATCH] Add pvc volumeMode --- config/configStructs/tapConfig.go | 93 ++++++++++--------- helm-chart/README.md | 1 + .../templates/08-persistent-volume-claim.yaml | 1 + helm-chart/values.yaml | 8 +- 4 files changed, 51 insertions(+), 52 deletions(-) diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go index 99bf42159..b2f2f650d 100644 --- a/config/configStructs/tapConfig.go +++ b/config/configStructs/tapConfig.go @@ -295,52 +295,53 @@ type SeLinuxOptionsConfig struct { } type TapConfig struct { - Docker DockerConfig `yaml:"docker" json:"docker"` - Proxy ProxyConfig `yaml:"proxy" json:"proxy"` - PodRegexStr string `yaml:"regex" json:"regex" default:".*"` - Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"` - ExcludedNamespaces []string `yaml:"excludedNamespaces" json:"excludedNamespaces" default:"[]"` - BpfOverride string `yaml:"bpfOverride" json:"bpfOverride" default:""` - Stopped bool `yaml:"stopped" json:"stopped" default:"false"` - Release ReleaseConfig `yaml:"release" json:"release"` - PersistentStorage bool `yaml:"persistentStorage" json:"persistentStorage" default:"false"` - PersistentStorageStatic bool `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"` - EfsFileSytemIdAndPath string `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""` - StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"5000Mi"` - StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"` - DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"` - DnsConfig DnsConfig `yaml:"dns" json:"dns"` - Resources ResourcesConfig `yaml:"resources" json:"resources"` - Probes ProbesConfig `yaml:"probes" json:"probes"` - ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"` - Tls bool `yaml:"tls" json:"tls" default:"true"` - DisableTlsLog bool `yaml:"disableTlsLog" json:"disableTlsLog" default:"true"` - PacketCapture string `yaml:"packetCapture" json:"packetCapture" default:"best"` - Labels map[string]string `yaml:"labels" json:"labels" default:"{}"` - Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"` - NodeSelectorTerms NodeSelectorTermsConfig `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"{}"` - Tolerations TolerationsConfig `yaml:"tolerations" json:"tolerations" default:"{}"` - Auth AuthConfig `yaml:"auth" json:"auth"` - Ingress IngressConfig `yaml:"ingress" json:"ingress"` - Routing RoutingConfig `yaml:"routing" json:"routing"` - IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"` - Debug bool `yaml:"debug" json:"debug" default:"false"` - Dashboard DashboardConfig `yaml:"dashboard" json:"dashboard"` - Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"` - ResourceGuard ResourceGuardConfig `yaml:"resourceGuard" json:"resourceGuard"` - Watchdog WatchdogConfig `yaml:"watchdog" json:"watchdog"` - Sentry SentryConfig `yaml:"sentry" json:"sentry"` - DefaultFilter string `yaml:"defaultFilter" json:"defaultFilter" default:"!dns and !error"` - LiveConfigMapChangesDisabled bool `yaml:"liveConfigMapChangesDisabled" json:"liveConfigMapChangesDisabled" default:"false"` - GlobalFilter string `yaml:"globalFilter" json:"globalFilter" default:""` - EnabledDissectors []string `yaml:"enabledDissectors" json:"enabledDissectors"` - PortMapping PortMapping `yaml:"portMapping" json:"portMapping"` - CustomMacros map[string]string `yaml:"customMacros" json:"customMacros" default:"{\"https\":\"tls and (http or http2)\"}"` - Metrics MetricsConfig `yaml:"metrics" json:"metrics"` - Pprof PprofConfig `yaml:"pprof" json:"pprof"` - Misc MiscConfig `yaml:"misc" json:"misc"` - SecurityContext SecurityContextConfig `yaml:"securityContext" json:"securityContext"` - MountBpf bool `yaml:"mountBpf" json:"mountBpf" default:"true"` + Docker DockerConfig `yaml:"docker" json:"docker"` + Proxy ProxyConfig `yaml:"proxy" json:"proxy"` + PodRegexStr string `yaml:"regex" json:"regex" default:".*"` + Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"` + ExcludedNamespaces []string `yaml:"excludedNamespaces" json:"excludedNamespaces" default:"[]"` + BpfOverride string `yaml:"bpfOverride" json:"bpfOverride" default:""` + Stopped bool `yaml:"stopped" json:"stopped" default:"false"` + Release ReleaseConfig `yaml:"release" json:"release"` + PersistentStorage bool `yaml:"persistentStorage" json:"persistentStorage" default:"false"` + PersistentStorageStatic bool `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"` + PersistentStoragePvcVolumeMode string `yaml:"persistentStoragePvcVolumeMode" json:"persistentStoragePvcVolumeMode" default:"FileSystem"` + EfsFileSytemIdAndPath string `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""` + StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"5000Mi"` + StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"` + DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"` + DnsConfig DnsConfig `yaml:"dns" json:"dns"` + Resources ResourcesConfig `yaml:"resources" json:"resources"` + Probes ProbesConfig `yaml:"probes" json:"probes"` + ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"` + Tls bool `yaml:"tls" json:"tls" default:"true"` + DisableTlsLog bool `yaml:"disableTlsLog" json:"disableTlsLog" default:"true"` + PacketCapture string `yaml:"packetCapture" json:"packetCapture" default:"best"` + Labels map[string]string `yaml:"labels" json:"labels" default:"{}"` + Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"` + NodeSelectorTerms NodeSelectorTermsConfig `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"{}"` + Tolerations TolerationsConfig `yaml:"tolerations" json:"tolerations" default:"{}"` + Auth AuthConfig `yaml:"auth" json:"auth"` + Ingress IngressConfig `yaml:"ingress" json:"ingress"` + Routing RoutingConfig `yaml:"routing" json:"routing"` + IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"` + Debug bool `yaml:"debug" json:"debug" default:"false"` + Dashboard DashboardConfig `yaml:"dashboard" json:"dashboard"` + Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"` + ResourceGuard ResourceGuardConfig `yaml:"resourceGuard" json:"resourceGuard"` + Watchdog WatchdogConfig `yaml:"watchdog" json:"watchdog"` + Sentry SentryConfig `yaml:"sentry" json:"sentry"` + DefaultFilter string `yaml:"defaultFilter" json:"defaultFilter" default:"!dns and !error"` + LiveConfigMapChangesDisabled bool `yaml:"liveConfigMapChangesDisabled" json:"liveConfigMapChangesDisabled" default:"false"` + GlobalFilter string `yaml:"globalFilter" json:"globalFilter" default:""` + EnabledDissectors []string `yaml:"enabledDissectors" json:"enabledDissectors"` + PortMapping PortMapping `yaml:"portMapping" json:"portMapping"` + CustomMacros map[string]string `yaml:"customMacros" json:"customMacros" default:"{\"https\":\"tls and (http or http2)\"}"` + Metrics MetricsConfig `yaml:"metrics" json:"metrics"` + Pprof PprofConfig `yaml:"pprof" json:"pprof"` + Misc MiscConfig `yaml:"misc" json:"misc"` + SecurityContext SecurityContextConfig `yaml:"securityContext" json:"securityContext"` + MountBpf bool `yaml:"mountBpf" json:"mountBpf" default:"true"` } func (config *TapConfig) PodRegex() *regexp.Regexp { diff --git a/helm-chart/README.md b/helm-chart/README.md index 2aa877b09..f4748b168 100644 --- a/helm-chart/README.md +++ b/helm-chart/README.md @@ -144,6 +144,7 @@ Example for overriding image names: | `tap.release.namespace` | Helm release namespace | `default` | | `tap.persistentStorage` | Use `persistentVolumeClaim` instead of `emptyDir` | `false` | | `tap.persistentStorageStatic` | Use static persistent volume provisioning (explicitly defined `PersistentVolume` ) | `false` | +| `tap.persistentStoragePvcVolumeMode` | Set the pvc volume mode (Filesystem\|Block) | `Filesystem` | | `tap.efsFileSytemIdAndPath` | [EFS file system ID and, optionally, subpath and/or access point](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/examples/kubernetes/access_points/README.md) `::` | "" | | `tap.storageLimit` | Limit of either the `emptyDir` or `persistentVolumeClaim` | `500Mi` | | `tap.storageClass` | Storage class of the `PersistentVolumeClaim` | `standard` | diff --git a/helm-chart/templates/08-persistent-volume-claim.yaml b/helm-chart/templates/08-persistent-volume-claim.yaml index 079899161..49c4cb4c5 100644 --- a/helm-chart/templates/08-persistent-volume-claim.yaml +++ b/helm-chart/templates/08-persistent-volume-claim.yaml @@ -33,6 +33,7 @@ metadata: name: kubeshark-persistent-volume-claim namespace: {{ .Release.Namespace }} spec: + volumeMode: {{ .Values.tap.persistentStoragePvcVolumeMode }} accessModes: - ReadWriteMany resources: diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index f4e2d41f9..c9d25741f 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -33,6 +33,7 @@ tap: namespace: default persistentStorage: false persistentStorageStatic: false + persistentStoragePvcVolumeMode: FileSystem efsFileSytemIdAndPath: "" storageLimit: 5000Mi storageClass: standard @@ -99,12 +100,7 @@ tap: operator: In values: - linux - dex: - - matchExpressions: - - key: kubernetes.io/os - operator: In - values: - - linux + dex: [] tolerations: hub: [] workers: